Overview: 1 vulnerability

| WSA | Score | Severity | Issue | Vulnerability type | Scope | Versions | Fix | Release date |
|---|---|---|---|---|---|---|---|---|
| WSA-2026-4 | 6.5 | medium | Missing size limit for the received websocket frame, HTTP message and HTTP body. | Memory Allocation with Excessive Size Value | Relay | 0.3.7 → 4.9.1 | 4.9.2 | |

WSA-2026-4: [Relay] Missing size limit for the received websocket frame, HTTP message and HTTP body.

Vulnerability
CVE: Not available
CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS score: 6.5 / 10
Severity: medium
Vulnerability type: Memory Allocation with Excessive Size Value
Scope: Relay
Affected versions: 0.3.7 → 4.9.1
Fixed version: 4.9.2
Tracker: Not available
Description
When it receives only part of a websocket frame, HTTP message or HTTP body, the Relay plugin accumulates the data in a partial buffer until the end of the data is found.
There is no limit on the size of this buffer.
A malicious client that sends a large amount of data without ever sending the end of the websocket frame or HTTP message/body can exhaust memory, and the WeeChat process can then be killed by the OOM killer.
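The pattern described above, with the kind of size check that bounds it, as an added example (not WeeChat's code and not the fix shipped in 4.9.2). `PARTIAL_MAX`, `partial_buf`, `partial_append` and `chunks_accepted` are hypothetical names, and the 64 KiB cap is an arbitrary value chosen for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical cap for this example; not a WeeChat option or constant. */
#define PARTIAL_MAX ((size_t)64 * 1024)
struct partial_buf { char *data; size_t len; };
enum { APPEND_OK = 0, APPEND_TOO_LARGE = -1, APPEND_NO_MEM = -2 };

/* Append one received chunk to the pending (unterminated) message.
 * The size check runs before realloc, so a peer that never sends the end of
 * the frame/message cannot grow the buffer past PARTIAL_MAX. */
int partial_append(struct partial_buf *pb, const char *chunk, size_t n)
{
    char *p;
    /* Subtraction form: pb->len + n is never computed, so it cannot wrap. */
    if (n > PARTIAL_MAX - pb->len) {
        free(pb->data);        /* drop pending data; caller closes the client */
        pb->data = NULL;
        pb->len = 0;
        return APPEND_TOO_LARGE;
    }
    if (n == 0) return APPEND_OK;
    p = realloc(pb->data, pb->len + n);
    if (!p) return APPEND_NO_MEM;   /* pb->data is still valid and unchanged */
    memcpy(p + pb->len, chunk, n);
    pb->data = p;
    pb->len += n;
    return APPEND_OK;
}

/* Constructed input: a client streaming filler bytes with no end marker.
 * Returns how many chunks were buffered before the cap rejected one. */
size_t chunks_accepted(size_t chunk_size, size_t max_chunks)
{
    struct partial_buf pb = { NULL, 0 };
    char *chunk = malloc(chunk_size ? chunk_size : 1);
    size_t i = 0;
    if (!chunk) return 0;
    memset(chunk, 'A', chunk_size);
    while (i < max_chunks && partial_append(&pb, chunk, chunk_size) == APPEND_OK)
        i++;
    free(pb.data);
    free(chunk);
    return i;
}

int main(void) { printf("%zu\n", chunks_accepted(4096, 1000)); return 0; }
```

Without the check at the top of `partial_append`, the loop in `chunks_accepted` would keep reallocating for as long as the peer keeps sending.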
Mitigation
There are multiple ways to mitigate this issue: